The Naked Security podcast recently discussed the issue of passwords, botnets, and malware on Macs. The podcast is hosted by Doug Aamoth and Paul Ducklin, who discuss various cybersecurity topics. The podcast began with a segment on This Week in Tech History and discussed the release of BASIC, a popular programming language. The hosts then moved on to discuss Google’s recent court order to force ISPs to filter botnet traffic. The botnet in question uses Google to trick people, and the court order allows Google to block traffic from certain IP numbers or domains. This is a significant exercise by Google, as it had to put together a complex legal argument to get the order. The malware, CryptBot, has infected over 670,000 people in the US, and it allows cybercriminals to run a malware-as-a-service or a data-theft-as-a-service service. The court order will not stop the dissemination of the malware, but it will give the crooks some hassle and might draw interest from law enforcement in their own country.
The hosts also discussed what individuals can do to protect themselves. They advised staying away from sites offering unofficial downloads of popular software. While not all unofficial downloads contain malware, it is usually possible to find the one true site for mainstream products and download from there. The hosts also advised against going for pirated or cracked programs, which are illegal and often made by cybercriminals hoping to take advantage of desperate users. There are usually free or open-source alternatives available, although they may not be as good or easy to use.
In summary, the Naked Security podcast discussed the issue of passwords, botnets, and malware on Macs. The hosts discussed Google’s recent court order to force ISPs to filter botnet traffic, which is a significant exercise by Google. The hosts also advised individuals to stay away from unofficial downloads of popular software and pirated or cracked programs. Individuals can protect themselves by finding the one true site for mainstream products and downloading from there or using free or open-source alternatives.